Technical

TF-CSIRT

CERT and System Security Information



Reports, Documents for Discussion and Comments

SANS (System Administration, Networking, and Security) Institute.
SANS offers a series of exceptional educational conferences, cooperative research reports, electronic digests, posters of authoritative answers to current questions, and cooperatively-created software.

The Common Vulnerabilities and Exposures (CVE) list maintained by Mitre Corp.
The CVE list is a list of standardised names for vulnerabilities and other information security exposures, intended to ease the sharing of data across separate vulnerability databases and security tools. The content of CVE is the result of a collaborative effort by the CVE Editorial Board, which includes many security-related organizations such as security tool vendors, academic institutions, and government, as well as other security experts.
  • NIST Recommendation: SP 800-51. Use of the Common Vulnerabilities and Exposures (CVE) Vulnerability Naming Scheme, September 2002
  • A Common Language for Computer Security Incidents by John Howard and Tom Longstaff

    "ICMP Usage in Scanning", by Ofir Arkin (PDF, PostScript)



    Information pages at European CERTs

    JANET-CERT: Security Information pages

    CERT-NL Reports: The CERT-NL organisation

    Oxford University Security advice (OxCERT)

    GARR-CERT Security Alerts (Italian)

    LUX-CERT Information page

    UNINETT security information



    Other Information Resources
     

    NIST CSRC Publications

    NIST Computer Security Special Publications

    Computer Incident Advisory Capability (CIAC)
    CIAC provides on-call technical assistance and information to Department of Energy (DOE) sites faced with computer security incidents. CIAC is an element of the Computer Security Technology Center (CSTC).

    Federal Computer Incident Response Capability (FedCIRC)

    CERT/CC technical tips

    Internet Security Systems, Inc.

    Cisco Secure Encyclopedia
    An online network vulnerability database that also contains vulnerability statistics and other material.

    Security Focus Vulnerability Database

    Hiverworld Public Vulnerability Database

    NTBugtraq Vulnerability Database

    Latest virus info from Network Associates

    SECURITY at ITWorld.com
    Authentication - PKI - Biometric - Encryption - Intrusion - Prevention - Firewalls
     

    Unsolicited Commercial Email (Spam) - Technical and Legal issues



    Forums and Mailing lists

    The CERT® Advisory Mailing List
    Used to distribute copies of CERT/CC advisories and summaries.

    ISS X-Force Mailing Lists

    CIAC Bulletins and Advisories

    SecurityFocus Mailing Lists Archives

    SANS mailing lists



    Legal issues

    Computer law and legislation in European countries at EuroCERT site

    Crypto Law Survey by Bert-Jaap Koops

    ICRI, Interdisciplinary Center for Law and IT (Belgium)

    World Cryptography Survey by Global Internet Liberty Campaign
     



    IETF Security related activity and information

    Site Security and Incidents Response related RFCs

    RFC 2196. Site Security Handbook (replaces the now obsolete RFC 1244)
    RFC 2350. Expectations for Computer Security Incident Response (June 1998)
    RFC 2505. Users' Security Handbook (Feb 1999)
    RFC 2828. Internet Security Glossary
    RFC 3013. Recommended Internet Service Provider Security Services and Procedures

    Current IETF Working Groups

    INCH-WG (Incident Handling) - Security Area

    The purpose of the Incident Handling (inch) working group is to define data formats for communication between a CSIRT and its constituency, a CSIRT and parties involved in an incident investigation and between collaborating CSIRTs sharing information.
    This format will support the now largely human-intensive dimension of the incident handling process. It will represent the product of various incremental data gathering and analysis operations performed by a CSIRT from the time when the system misuse was initially reported (perhaps by an automated system) till ultimate resolution.
    Specifically, the working group will address the issues related to representing: the source(s) and target(s) of system misuse, as well as the analysis of their behavior; the evidence to support any analysis results; a scheme to document the incident investigation and analysis process; and constructs to facilitate the exchange of security information across administrative domains (e.g., internationalization, data sensitivity).  The WG will investigate the information model needed to support the typical, operational workflow of the incident handling processes found at Internet Service Providers; Managed Security Service Providers; Risk Analysis vendors; and traditional, internal CSIRTs.

    IDWG (Intrusion Detection Exchange Format) - Security Area

    The scope of IDWG is to define data formats and exchange procedures for sharing information of interest to intrusion detection and response systems, and to management systems which may need to interact with them. The issues relate to the operational level rather than to the application level. WG activity is contributed by specialists from ISS, Boeing Co, IBM, CyberSafe Corporation, Nokia and some universities.


    Other Standards

    Computer Systems Security documents
    Rainbow Series Library

    The Common Criteria VERSION 2.1/ISO IS 15408 (MIL site; Common Criteria Project at NIST; International Common Criteria Project Home page)
    The Common Criteria (CC) is presented as a set of distinct but related parts as identified below.




    Maintained by Yuri Demchenko <demchenko@terena.nl>.


    Copyright TERENA